CLAIM LISTING 



1 , (Currently amended) A method of identifying a user participating in a 
network communication session comprising the steps of: 

creating a master database having a first table with a first plurality of cells for 
a set of binary keys, a second plurality of cells for a plurality of key pointers, and third 
plurality of cells for markers identifying an instance of an application; 

creating a second table in the master database with a first plurality of cells 
for information related to eligible users and a second plurality of cells for user-associated 
tokens; 

creating an application to be accessed by eligible users over a 
communications network; 

associating the master database with the application to be accessed by the 
eligible users identified in a second table of the master database; 

generating a plurality of binary key pointers and a plurality of binary keys of 
a predetermined length and associating each binary pointer with a unique one of the binary 
keys; 

associating the key pointers with a first instance of the application; 
entering information relating to the eligible users for the first instance into the 
first plurality of cells in the second table; 

generating a plurality of tokens wherein each token contains a nested 

checksum : 

associating each eligible user with a unique one of the tokens from the 
plurality of tokens by placing the associated token in a position in the second plurality of 
cells in the second table corresponding to the eligible user in the first plurality of cells in the 
second table; 

encrypting each user-associated token with a randomly selected one of the 
plurality of binary keys; 

prepending each encrypted token with the key pointer associated with the 
binary key used to encrypt the token; 
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providing the combined key pointer and encrypted token to the associated 

eligible user; 

receiving the combined key pointer and encrypted token returned by a user 
through the communications network; 

finding the key pointer in the second plurality of cells of the first table; 

retrieving the corresponding binary key from the first plurality of cells in the 
first table if the key pointer is found in the second plurality of cells of the first table and the 
key pointer received is not marked as disabled; 

decrypting the encrypted token sent by the user using the retrieved binary key 
from the first plurality of cells of the first table if the binary key is found in the first plurality 
of cells in the first table and the binary key is not marked as disabled; 

retrieving the corresponding information relating to the eligible user from the 
first plurality of cells in the second table if the token is found in the second plurality of cells 
of the second table and the token is not marked as disabled; and 

using this information to give the eligible user access to the corresponding 
instance of the application. 

2. (Original) The method of claim 1 further comprising the step of encoding 
the combined key pointer and encrypted token to conform to the protocols of the 
communications network. 

3. (Original) The method of claim 1 wherein the binary key pointers are 
cryptographically random. 

4. (Original) The method of claim 1 wherein the tokens are cryptographically 
random. 

5. (Canceled) 
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6. (Original) The method of claim 1 further comprising the step of denying 
access to the user if the key pointer received cannot be found in the second plurality of 
cells of the first table or the key pointer received is marked as disabled. 

7. (Original) The method of claim 1 further comprising the step of denying 
access if the binary key is not found in the first plurality of cells of the first table or the 
binary key is marked as disabled. 

8. (Currently amended) The method of claim 15 further comprising the 
step of verifying that the nested checksum in the decrypted token contains the values 
corresponding to the algorithm by which it was generatedj-and 

9. (Original) The method of claim 8 further comprising the step of denying 
access to the user if the values contained in the nested checksum are not correct. 

1 0. (Original) The method of claim 8 further comprising the step of finding the 
decrypted token in the second plurality of cells of the second table if the nested checksum 
is correct. 

1 1 . (Original) The method of claim 8 further comprising the step of denying 
access to the user if the token is not found in the second plurality of cells in the second 
table or the token is marked as disabled. 

12. (Currently amended) A method of identifying a user participating in a 
network communication session comprising the steps of: 

creating a master database having a first table with a first plurality of cells for a set 
of binary keys, a second plurality of cells for a plurality of key pointers, and third plurality 
of cells for markers identifying an instance of an application; 

creating a second table in the master database with a first plurality of cells for 
information related to eligible users and a second plurality of cells for user-associated 
tokens; 
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creating an application to be accessed by eligible users over a communications 
network; 

associating the master database with the application to be accessed by the eligible 
users identified in a second table of the master database; 

generating a plurality of binary key pointers and a plurality of binary keys of a 
predetermined length and associating each binary pointer with a unique one of the binary 
keys; 

associating the key pointers with a first instance of the application; 

entering information relating to the eligible users for the first instance into the first 
plurality of cells in the second table; 

generating a plurality of tokens wherein each token contains a nested checksum : 

associating each eligible user with a unique one of the tokens from the plurality of 
tokens by placing the associated token in a position in the second plurality of cells in the 
second table corresponding to the eligible user in the first plurality of cells in the second 
table; 

encrypting each user-associated token with a randomly selected one of the plurality 
of binary keys; and 

prepending each encrypted token with the key pointer associated with the binary key 
used to encrypt the token; 

providing the combined key pointer and encrypted token to the associated eligible 

user; 

receiving the combined key pointer and encrypted token returned by a user through 
the communications network: 

finding the kev pointer in the second plurality of cells of the first table: 

retrieving the corresponding binary key from the first plurality of cells in the first table 
if the kev pointer is found in the second plurality of cells of the first table and the kev 
pointer received is not marked as disabled: 

decrypting the encrypted token sent by the user using the retrieved binary key from 
the first plurality of cells of the first table if the binary key is found in the first plurality of cells 
in the first table and the binary kev is not marked as disabled: 
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verifying that the nested checksum in the decrypted token contains the values 
corresponding to the algorithm bv which it was generated: 

retrieving the corresponding information relating to the eligible user from the first 
plurality of cells in the second table if the token is found in the second plurality of cells of 
the second table and the token is not marked as disabled; and 

using this information to give the eligible user access to the corresponding instance 
of the application . 

13. (Original) The method of claim 12 further comprising the step of encoding 
the combined key pointer and encrypted token to conform to the protocols of the 
communications network. 

14. (Original) The method of claim 12 wherein the binary key pointers are 
cryptographically random. 

15. (Original) The method of claim 12 herein the tokens are cryptographically 
random. 

16. (Original) The method of claim 12 herein each of the tokens contains a 
nested checksum. 

17. (Canceled) 

18. (Currently amended) Themethodof claim 1247- further comprising the 
step of denying access to the user if the key pointer received cannot be found in the 
second plurality of cells of the first table or the key pointer received is marked as disabled. 

19. (Original) The method of claim 1247 further comprising the step of 
denying access if the binary key is not found in the first plurality of cells of the first table or 
the binary key is marked as disabled. 
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20. (Canceled) 



21. (Currently amended) The method of claim 1220 further comprising the 
step of denying access to the user if the values contained in the nested checksum are not 
correct. 

22. (Original) The method of claim 21 further comprising the step of finding 
the decrypted token in the second plurality of cells of the second table if the nested 
checksum is correct. 

23. (Original) The method of claim 22 further comprising the step of denying 
access to the user if the token is not found in the second plurality of cells in the second 
table or the token is marked as disabled. 
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